India Leads Facebook’s Bug Bounty Program on Payouts and Participation

India is the top ranking country on Facebook’s bug bounty program, with the highest number of participating security researchers and in terms of paid bounties, which stands at Rs. 4.8 crores since the program was created, Facebook said.

“India has long topped the list of 127 countries whose researchers contribute to our bug bounty program. It also holds the top position for the country receiving the most bounties paid,” Adam Ruddermann, Technical Program Manager, on the Facebook Bug Bounty team writes on the Facebook blog.

“The Facebook bug bounty program pays out based on a bug’s risk, rather than its complexity or cleverness. This means you can maximise the value of your report by focusing on high-impact areas and submitting good quality reports,” said Ruddermann.

Earlier this month, Facebook had awarded $15,000 (roughly Rs. 10 lakhs) to 22-year old Anand Prakash, a security researcher who works at Flipkart.

Launched in 2011, Facebook’s bug bounty program lets white hat hackers report vulnerabilities in Facebook and its acquired companies and products, such as Instagram, Free Basics, Oculus, and Onavo.

The bug bounty program has received over 2,400 valid submissions, and awarded more than $4.3 million (roughly Rs. 28.6 crores) to over 800 researchers around the world, since its inception. In 2015, Facebook received a total of 13,233 submissions from 5,543 researchers in 127 countries, and paid out $936,000 (roughly Rs. 6.2 crores) to 210 researchers, who submitted a total of 526 valid reports. India, Egypt, and Trinidad and Tobago received the highest number of payouts, and average payout was $1,780 (roughly Rs. 1.18 lakhs), according to a recent post by the bug bounty team.